Granting Mailbox Security Management Permissions

I needed to enable the Help Desk to be able to modify permissions on mailboxes. I put the help desk security group in the Exchange Recipient Administrators group. That gives them the ability to modify Exchange attributes but would not allow them to modify permissions on a mailbox. The next available role was “Exchange Organization Administrator” but I couldn’t give them full access to Exchange. I opened a case with Microsoft and we came up with the following Powershell command:

Get-MailboxDatabase | Add-ADPermission -user "domain\group" -accessrights writeproperty -extendedrights "administer information store" -inheritancetype all

That gives them the necessary rights so that they can modify permissions on mailboxes. Any time a new database is created we will have to run the command against it to give the Help Desk the necessary permissions.

Event 8230 Corrupt Calendar Item Auto Fix

Have a good working copy of the Powershell code necessary to actively trap 8230 events on remote servers and execute PowerPoof against the Calendar in the suspect mailbox. A single instance is required for each server. I'm running against four clustered 2007 servers.

Right now the code is contained in two ps1 scripts. It also requires PSEventing to be installed. The first script calls the second one in a new Exchange Powershell so that get-mailbox can be executed safely. It then exits that shell and returns to watching for new events.

I would suggest executing the main script (get-logevent.ps1) from a non-Exchange Powershell. I only say that because I change the title of the window to the name of the server being watched and that function doesn't work in the Exchange Powershell. Here's a link to the downloads:

Get-LogEvent.ps1
Clean-Mailbox.ps1

The code is raw but it gets the job done.

Exchange 8230 Monitoring & Calendar Item Repairing

Got the Powershell code running early this morning. Used PSEventing to get the event triggering to work right. Looks like I'm still having trouble with the Regex Matching when extracting the user info from the Event Message. I'm gonna sort that out ASAP.

PSEventing works great but was getting conflicts with the Exchange 2007 Powershell environment. My PS1 would crash when I called Get-Mailbox. I worked on troubleshooting with the developer of PSEventing but no resolution as of yet. As a workaround, I'm calling the Exchange stuff by launching a second instance of Exchange Powershell and passing the user info to it. It exits when done with PowerPoof and I'm back to monitoring for the next event.

I'll post the code when I get it running smoother. It'll be raw but functional. :)

iPod/Bluetooth Solution Finalized

Had good success last night with the 8GB Nano/Moto D650/Moto S9 combo last night.

I had previously purchased a Nike Arm Wallet to hold my 8525 while I jogged. I found that the pocket is just deep enough to hold the Nano/D650. I had absolutely no drop-outs all night. I was a bit concerned about the battery life but I went at least 2.5 hours total. The Nano battery indicator will drop quickly but then stays in the red for another couple of hours.

The ultimate solution of an iPod like interface streaming from a remote library is still a year or so out. The bandwidth is there but the nice front end with minimal CPU usage, local ID3 Tag indexed library, AVRCP/A2DP, and a robust connection to the server are no where to be found.

Exchange 2007 Took Out 1700 Mailboxes For 25 Minutes

We have a 4+1 cluster and about 28K maiboxes. One of the storage groups started throwing 1022 logon errors and no one could access their mailbox. I started getting hammered with calls and walk-ups. All the services were still running. I had to take the server offline and back up to get it cleared.

The 1022's followed numerous 8230's and then one 623 just before the logon errors. The 8230's are a known issue with recurring calendar items that have been expanded by OWA. Don't know much more than that except that it has caused us to go down a couple of times previously due to rampant transaction log create and disk space issue. This time the store went down first.

I'm using an event log monitoring app to e-mail me on 8230's and then I'm using PowerPoof to clear the corrupt calendar item out. I hope to have an automated solution up soon but I'm having difficulty since event log monitoring likes to happen locally to the servers and PowerPoof uses Outlook which can't (shouldn't) be installed on servers. More later...

Getting iPod Up To Speed

Motorola D650

Picked a combo set (Moto S9 & D650) up at Fry's and since I already had a pair of S9's I didn't have to wait to charge the headphones before I got started. I paired very quickly (while driving I might add) and got an immediate rush of freedom and expansion. I had been using my Cingular 8525 before and, for one, the phone is pretty much useless while streaming bluetooth. The necessary processing slows the phone down toooo much. Then getting to the interface of MortPlayer is very cumbersome if you want to change music on the fly. And of course, now I have 8GB of storage instead of the 2GB on the MicroSD card. Streaming would be my ultimate solution but that's just not ready for primetime.

Range for the combo is pretty good. I was able to walk into another room and about 20+ feet from the D650 before getting drop-outs. Got to try the solution while shooting baskets last night and was a bit disappointed. Kept getting drop-outs. I'm not sure if it was because of a loose connection or what. I had the Nano/D650 pair in my back pocket. I'm trying to find a good armband solution for the extended Nano.

Also, lost my third pair of S9's during that workout. This morning I had no Pause/Play button. Good thing I had a spare ready to go. Don't worry, I've only paid for one unit since I keep doing the switch game with Motorola's vendors. Maybe they'll get it right some day and mild sweat won't break the buttons.